yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added the permissions checks in the new content tree including start node rendering

Browse Source
This commit is contained in:
Shannon
2013-07-30 15:30:04 +10:00
parent 2d38938d86
commit 217bcaf625
7 changed files with 98 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/Umbraco.Web.UI.Client/src/common/directives/umbtree.directive.js
View File

@@ -29,7 +29,7 @@ angular.module("umbraco.directives")
if(!hideheader){
template +='<div>' +
'<h5><a class="root-link">{{tree.name}}</a></h5>' +
'<i class="umb-options" ng-hide="tree.root.isContainer" ng-click="options(this, tree.root, $event)"><i></i><i></i><i></i></i>' +
'<i class="umb-options" ng-hide="tree.root.isContainer || !tree.root.menuUrl" ng-click="options(this, tree.root, $event)"><i></i><i></i><i></i></i>' +
'</div>';
}
template += '<ul>' +

2
src/Umbraco.Web.UI.Client/src/common/directives/umbtreeitem.directive.js
View File

@@ -35,7 +35,7 @@ angular.module("umbraco.directives")
'<ins ng-show="node.hasChildren" ng-class="{\'icon-caret-right\': !node.expanded, \'icon-caret-down\': node.expanded}" ng-click="load(this, node)"></ins>' +
'<i class="{{node | umbTreeIconClass:\'icon umb-tree-icon sprTree\'}}" style="{{node | umbTreeIconStyle}}"></i>' +
'<a href="" ng-click="select(this, node, $event)" >{{node.name}}</a>' +
'<i class="umb-options" ng-click="options(this, node, $event)"><i></i><i></i><i></i></i>' +
'<i class="umb-options" ng-hide="!tree.root.menuUrl" ng-click="options(this, node, $event)"><i></i><i></i><i></i></i>' +
'<div ng-show="node.loading" class="l"><div></div></div>' +
'</div>' +
'</li>',

1
src/Umbraco.Web/Trees/ApplicationTreeController.cs
View File

@@ -117,6 +117,7 @@ namespace Umbraco.Web.Trees
rootId,
rootNode.Result.MenuUrl)
{
Title = rootNode.Result.Title,
Children = byControllerAttempt.Result
};

63
src/Umbraco.Web/Trees/ContentTreeController.cs
View File

@@ -7,18 +7,54 @@ using System.Net.Http.Formatting;
using System.Web.Http;
using Umbraco.Core;
using Umbraco.Core.Models;
using Umbraco.Core.Models.EntityBase;
using umbraco.BusinessLogic.Actions;
using umbraco.businesslogic;
using umbraco.interfaces;
namespace Umbraco.Web.Trees
{
//[Tree(Constants.Applications.Content, Constants.Trees.Content, "Content")]
//public class MediaTreeController : ContentTreeControllerBase
//{
// protected override TreeNodeCollection GetTreeData(string id, FormDataCollection queryStrings)
// {
// throw new NotImplementedException();
// }
// protected override MenuItemCollection GetMenuForNode(string id, FormDataCollection queryStrings)
// {
// throw new NotImplementedException();
// }
//}
[Tree(Constants.Applications.Content, Constants.Trees.Content, "Content")]
public class ContentTreeController : ContentTreeControllerBase
{
protected override TreeNode CreateRootNode(FormDataCollection queryStrings)
{
//TODO: We need to implement security checks here and the user's start node!
//if the user's start node is not default, then return their start node as the root node.
if (UmbracoUser.StartNodeId != Constants.System.Root)
{
var currApp = queryStrings.GetValue<string>(TreeQueryStringParameters.Application);
var userRoot = Services.EntityService.Get(UmbracoUser.StartNodeId, UmbracoObjectTypes.Document);
if (userRoot == null)
{
throw new HttpResponseException(HttpStatusCode.NotFound);
}
var node = new TreeNode(
userRoot.Id.ToInvariantString(),
"", //root nodes aren't expandable, no need to lookup the child nodes url
Url.GetMenuUrl(GetType(), userRoot.Id.ToInvariantString(), queryStrings))
{
HasChildren = true,
RoutePath = currApp,
Title = userRoot.Name
};
return node;
}
return base.CreateRootNode(queryStrings);
}
@@ -32,19 +68,34 @@ namespace Umbraco.Web.Trees
}
var nodes = new TreeNodeCollection();
var entities = Services.EntityService.GetChildren(iid, UmbracoObjectTypes.Document).ToArray();
IEnumerable<IUmbracoEntity> entities;
//if a request is made for the root node data but the user's start node is not the default, then
// we need to return their start node data
if (iid == Constants.System.Root && UmbracoUser.StartNodeId != Constants.System.Root)
{
entities = Services.EntityService.GetChildren(UmbracoUser.StartNodeId, UmbracoObjectTypes.Document).ToArray();
}
else
{
entities = Services.EntityService.GetChildren(iid, UmbracoObjectTypes.Document).ToArray();
}
foreach (var entity in entities)
{
//TODO: We need to implement security checks here!
var e = (UmbracoEntity)entity;
nodes.Add(
var allowedUserOptions = GetUserMenuItemsForNode(e);
if (CanUserAccessNode(e, allowedUserOptions))
{
nodes.Add(
CreateTreeNode(
e.Id.ToInvariantString(),
queryStrings,
e.Name,
e.ContentTypeIcon,
e.HasChildren));
}
}
return nodes;
}
@@ -89,7 +140,7 @@ namespace Umbraco.Web.Trees
return GetUserAllowedMenuItems(
CreateAllowedActions(),
GetUserMenuItemsForNode((UmbracoEntity) item));
GetUserMenuItemsForNode(item));
}
protected IEnumerable<MenuItem> CreateAllowedActions()

14
src/Umbraco.Web/Trees/ContentTreeControllerBase.cs
View File

@@ -1,6 +1,7 @@
using System.Collections.Generic;
using System.Linq;
using Umbraco.Core.Models;
using Umbraco.Core.Models.EntityBase;
using umbraco.BusinessLogic.Actions;
namespace Umbraco.Web.Trees
@@ -22,7 +23,7 @@ namespace Umbraco.Web.Trees
|| (a.Action.CanBePermissionAssigned && userAllowedActions.Contains(a.Action)))));
}
internal MenuItemCollection GetUserMenuItemsForNode(UmbracoEntity dd)
internal MenuItemCollection GetUserMenuItemsForNode(IUmbracoEntity dd)
{
var actions = global::umbraco.BusinessLogic.Actions.Action.FromString(UmbracoUser.GetPermissions(dd.Path));
@@ -33,5 +34,16 @@ namespace Umbraco.Web.Trees
return new MenuItemCollection(actions.Select(x => new MenuItem(x)));
}
/// <summary>
/// Determins if the user has access to view the node/document
/// </summary>
/// <param name="doc">The Document to check permissions against</param>
/// <param name="allowedUserOptions">A list of MenuItems that the user has permissions to execute on the current document</param>
/// <remarks>By default the user must have Browse permissions to see the node in the Content tree</remarks>
/// <returns></returns>
internal bool CanUserAccessNode(IUmbracoEntity doc, IEnumerable<MenuItem> allowedUserOptions)
{
return allowedUserOptions.Select(x => x.Action).OfType<ActionBrowse>().Any();
}
}
}

48
src/Umbraco.Web/Trees/TreeApiController.cs
View File

@@ -93,6 +93,13 @@ namespace Umbraco.Web.Trees
node.AdditionalData.Add("searchable", "true");
}
//now update all data based on some of the query strings, like if we are running in dialog mode
var isDialog = queryStrings.GetValue<bool>(TreeQueryStringParameters.DialogMode);
if (isDialog)
{
node.RoutePath = "#";
}
OnRootNodeRendering(this, new TreeNodeRenderingEventArgs(node, queryStrings));
return node;
@@ -121,6 +128,16 @@ namespace Umbraco.Web.Trees
AddQueryStringsToAdditionalData(node, queryStrings);
}
//now update all data based on some of the query strings, like if we are running in dialog mode
var isDialog = queryStrings.GetValue<bool>(TreeQueryStringParameters.DialogMode);
if (isDialog)
{
foreach (var node in nodes)
{
node.RoutePath = "#";
}
}
//raise the event
OnTreeNodesRendering(this, new TreeNodesRenderingEventArgs(nodes, queryStrings));
@@ -146,40 +163,19 @@ namespace Umbraco.Web.Trees
/// <returns></returns>
protected virtual TreeNode CreateRootNode(FormDataCollection queryStrings)
{
var rootNodeAsString = Constants.System.Root.ToString(CultureInfo.InvariantCulture);
var rootNodeAsString = Constants.System.Root.ToString(CultureInfo.InvariantCulture);
var currApp = queryStrings.GetValue<string>(TreeQueryStringParameters.Application);
var getChildNodesUrl = Url.GetTreeUrl(
GetType(),
rootNodeAsString,
queryStrings);
var getMenuUrl = Url.GetMenuUrl(
GetType(),
rootNodeAsString,
queryStrings);
var isDialog = queryStrings.GetValue<bool>(TreeQueryStringParameters.DialogMode);
//var node = new TreeNode(RootNodeId, BackOfficeRequestContext.RegisteredComponents.MenuItems, jsonUrl)
var node = new TreeNode(
rootNodeAsString,
getChildNodesUrl,
getMenuUrl)
"", //root nodes aren't expandable, no need to lookup the child nodes url
Url.GetMenuUrl(GetType(), rootNodeAsString, queryStrings))
{
HasChildren = true,
////THIS IS TEMPORARY UNTIL WE FIGURE OUT HOW WE ARE LOADING STUFF (I.E. VIEW NAMES, ACTION NAMES, DUNNO)
//EditorUrl = queryStrings.HasKey(TreeQueryStringParameters.OnNodeClick) //has a node click handler?
// ? queryStrings.Get(TreeQueryStringParameters.OnNodeClick) //return node click handler
// : isDialog //is in dialog mode without a click handler ?
// ? "#" //return empty string, otherwise, return an editor URL:
// : "mydashboard",
RoutePath = currApp,
Title = RootNodeDisplayName
};
return node;
}

5
src/Umbraco.Web/Trees/TreeQueryStringParameters.cs
View File

@@ -6,7 +6,8 @@
internal struct TreeQueryStringParameters
{
public const string DialogMode = "DialogMode";
public const string OnNodeClick = "OnNodeClick";
public const string RenderParent = "RenderParent";
public const string Application = "application";
//public const string OnNodeClick = "OnNodeClick";
//public const string RenderParent = "RenderParent";
}
}